K2 Compliance is an innovative medium that has redefined the management of the risk assessment process. The application acts as a central hub to store, collect and analyze data relative to an organization’s security risks. Let’s take a quick look at the asset-based risk assessment process managed through K2 Compliance starting with an organization’s hardware.

Found within the hardware information system are categories or groups of like assets such as servers. Records of each individual asset are stored within the K2 Compliance. Vulnerabilities are identified against each asset that has been selected as part of the risk assessment. Threats are then associated to this group of assets based on the identified vulnerabilities. The system stores a full library of threat events that are associated with specific types of assets. New threats can be easily added to the library during this process.

There may be scenarios where additional scans and tests are performed against an individual asset in the group resulting in the identification of additional vulnerabilities. This, in turn, may present additional threats against that asset that aren’t applied to the entire group.

From here the inherent risk is calculated for each threat associated to an individual or group of assets. These calculations can be based on any number of different methodologies such as NIST, FAIR, ISO, etc.

K2 Compliance provides a full library of security controls from many different frameworks. Each threat has links to relevant controls that, if implemented, will help mitigate the inherent risk scores for an asset. A dedicated project workspace is created per control to assess the compliance status. Summaries and findings for each control assessed feed into a formal report that the system generates with the click of a button.

Those controls that are determined to be implemented are applied to their associated threats, mitigating the risk associated with an asset or group of assets. If the newly calculated risk score falls below the organization defined risk tolerance or threshold, then the risk is accepted and documented.

Mitigation activities are assigned to those threat risks that are still above the risk threshold even after applying any implemented controls. These activities are noted in the mitigation portion of the risk assessment report that is generated at the conclusion of the risk assessment project.

Now that October is over, the leaves have changed colors, they are falling off their branches, and the Daylight Saving time ends this Sunday, November 4th, we’ve began to feel different. As the seasons change, they put us in different mental states. Although Fall brings one of the most family-oriented holidays, Thanksgiving, it can also have a negative affect on our daily outlook.

After 20 years in the mail delivery business we often get asked, “What’s the difference between Certified and Registered mail services provided by the USPS?” As an owner of a small business or healthcare practice it’s critical to understand the different mailing services offered by the United States Postal Service.

For everyone’s convenience, our Patient Engagement Communication team has designed a FREE Flu Season Vaccination Information Brochure for the 2018 - 2019 season. Click the button below for more information.

At Etactics, we believe in providing transparency into our unique process of development that allows for us to establish best-in-class Revenue Cycle SaaS-based solutions. This belief system has lead to an unprecedented customer service experience within our vertical markets for almost 20 years. We’re excited to announce how we are taking the Etactics experience to the next level…

We will be attending the 2018 Ohio Association of Community Health Centers' Fall Operations Conference in Columbus, Ohio on September 27th and 28th this week!

The Fall Conference is OACHC’s second largest gathering of federally qualified community health center leaders in Ohio as they host over 200 community health center leaders. This two day event will be held at the new Marriott University Area in Columbus, Ohio. The Fall Operations Conference features two plenary sessions, educational breakout sessions, forums, and valuable networking time for healthcare industry leaders.

When the USPS officially declares that operations have been suspended and that deliveries and other services will be affected it could potentially have a huge negative impact on your organization. So how can your business prepare for USPS Service Disruptions?

Each vendor has their own unique record within K2 Compliance. These vendor records contain detailed information such as address, website, industry, specific persons of contact, and other demographics. The versatility of the application allows these data points to vary based on client preference

K2 Compliance is an innovative medium that has redefined the management of the risk assessment process. The application acts as a central hub to store, collect and analyze data relative to an organization’s security risks. Let’s take a quick look at the an asset-based risk assessment process managed through K2 Compliance starting with an organization’s hardware.